漏洞类别:Local
漏洞等级: 
漏洞信息
IBM Domino (formerly IBM Lotus Domino) is an advanced platform for hosting social business applications.
IBM Domino is vulnerable to a IMAP EXAMINE command stack buffer overflow vulnerability which can allow authenticated attackers to execute arbitrary code by specifying a large mailbox name.
Affected Versions
IBM Domino 9.0.0 prior to 9.0.1 Fix Pack 8 Interim Fix 2
IBM Domino 8.5.3 prior to 8.5.3 Fix Pack 6 Interim Fix 17
IBM Domino 6.6.4 to 8.5.2 (Fixed version 8.5.3 Fix Pack 6 Interim Fix 17)
漏洞危害
Successful exploitation of the vulnerability allows authenticated attackers to execute arbitrary code by specifying a large mailbox name.
解决方案
IBM has issued a fix (8.5.3 Fix Pack 6 Interim Fix 17 and 9.0.1 Fix Pack 8 Interim Fix 2).
Refer to IBM advisory swg22002280 to obtain more information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论